This invention relates generally to providing access to a computer system through an open application programming interface (API) and, more particularly, to network-based methods and systems for propagating a client identity in a service call from a gateway system to a target service system.
There are service provider companies that provide a variety of services to numerous consumers. These service provider companies utilize computer systems to provide these services. For example, in the financial industry, companies such as large banks, interchange networks and payment networks provide certain financial services to consumers, companies and other banks. Oftentimes, these service provider companies provide services that include receiving, processing and storing financial data in computer systems managed by the service provider companies. In many cases, access to this financial data is restricted to certain approved users. Restricting access to such financial data provides at least some protection for the data. However, it also limits the potential uses of the data.
Software developers around the world are able to develop computer programs, sometimes called applications, which are configured to utilize data such as the data stored within computer systems used by certain service provider companies. Of course, in order for these computer programs to use such data, the developer programs must be able to access the data and be able to request the data in a proper format. One way to access the data stored by these service provider companies is through an open application programming interface (API).
By allowing software developers to access data stored within computer system used by these service provider companies, the service provider companies are able to leverage these developer applications as well as increase their transaction volume. Thus, by providing this data access to developers, these service provider companies are able to provide additional services to both existing and new customers, which in turn improves the profitability of these companies. However, the providing of such data access also creates certain risks and challenges for the service provider companies.
Accordingly, it would be desirable to provide a computer system having an open API that could be used by certain service provider companies, such as financial transaction companies, that is configured to: (i) propagate a client identity in a service call from a gateway system to a target service system in a service provider (SP) computer system; (ii) provide to a service system security authorization for the identity for each request message requesting services; and (iii), and provide client profile information to the service system to permit additional features to be incorporated into the response.